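<?php

use mystic\forum\orm\Post;
use mystic\forum\orm\Topic;
use mystic\forum\orm\User;
use mystic\forum\orm\UserPermissions;
use mystic\forum\utils\RequestUtils;

// Action handler: replace the content of an existing post with the submitted
// message, then redirect back to the post inside its topic.
//
// $currentUser and $db are not defined here; they are expected to be set by
// the script that includes this file.
//
// NOTE(review): no CSRF token or request-method check is visible in this
// script. Confirm that RequestUtils::getRequiredField() or the dispatcher
// enforces one for this form id before relying on this handler.

// Anonymous visitors may never edit posts.
if (!$currentUser) {
    http_response_code(403);
    msg_error(__("You need to be logged in to update posts!"));
    exit;
}

$formId = "updatepost";
$postId = RequestUtils::getRequiredField("post", $formId);
$message = RequestUtils::getRequiredField("message", $formId);

// Load the post being edited; deleted posts are treated as non-existent.
$item = new Post();
$item->id = $postId;
if (!$db->fetch($item) || $item->deleted) {
    http_response_code(404);
    msg_error(__("No post exists with this id"));
    exit;
}

// Load the post's author. A missing author record only removes the
// "edit own post" path; the "edit other post" permission still applies.
$postAuthor = new User();
$postAuthor->id = $item->authorId;
if (!$db->fetch($postAuthor)) {
    $postAuthor = null;
}

$isOwnPost = $postAuthor !== null && $currentUser->id === $postAuthor->id;
$canEdit = ($isOwnPost && $postAuthor->hasPermission(UserPermissions::EDIT_OWN_POST))
    || $currentUser->hasPermission(UserPermissions::EDIT_OTHER_POST);

// Fail closed when the parent topic cannot be loaded. Previously $topic was
// set to null and then dereferenced, so the lock check raised a warning,
// evaluated as "not locked" and let the edit through. The existing message is
// reused so that no untranslated string is introduced.
$topic = new Topic();
$topic->id = $item->topicId;
if (!$db->fetch($topic)) {
    http_response_code(404);
    msg_error(__("No post exists with this id"));
    exit;
}

// A locked topic blocks edits for everyone, including users who hold the
// EDIT_OTHER_POST permission.
if ($topic->isLocked) {
    http_response_code(403);
    msg_error(__("This topic has been locked"));
    exit;
}

if (!$canEdit) {
    http_response_code(403);
    msg_error(__("You don't have permission to edit this post"));
    exit;
}

// The message is stored as submitted.
// NOTE(review): output escaping must therefore happen wherever post content
// is rendered - confirm against the view code.
$item->content = $message;
$item->edited = true;

if (!$db->update($item)) {
    http_response_code(500);
    msg_error(__("Failed to update post"));
    exit;
}

header("Location: ?_action=viewtopic&topic=" . urlencode($item->topicId) . "#post-" . urlencode($postId));
// Stop here so that nothing else runs or is emitted after the redirect.
exit;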